Enabling Cisco DNS Lookup (ASA and IOS)
May13

Enabling Cisco DNS Lookup (ASA and IOS)

Posted By on May 13, 2025

Cisco DNS Lookup KB ID 0000969  Problem For the most part, devices are more concerned with IP and MAC addresses, but the devices do have the ability to translate those IP addresses using DNS. Solution : Cisco DNS Lookup How to Enable Cisco DNS Lookup on  ASA As ASA is ‘My Thing’ I will start with that. 1. Connect to the ASA, log in and go to enable mode, and then global configuration mode. Type help or ‘?’ for...

Read More
Cisco Router – Configure NAT (NAT Overload)
May11

Cisco Router – Configure NAT (NAT Overload)

Posted By on May 11, 2025

 NAT Overload KB ID 0000971  Problem NAT is the process of taking one or more IP addresses and translating it/them into different IP addresses. You may require your router to translate all your internal IP addresses to your public (ISP allocated) IP address. To do that we use a process called NAT Overload. Solution : Nat Overload 1. Connect to the router, and got to enable mode, then global configuration mode. PetesRouter#configure...

Read More
Cisco ASA Domain Authentication and Trust (Allowing)
May08

Cisco ASA Domain Authentication and Trust (Allowing)

Posted By on May 8, 2025

ASA Domain Authentication KB ID 0000973  Problem I cringed this morning when I was asked about this, last time I had to get a client to authenticate to a domain through a firewall, it was ‘entertaining’. The problem is Windows loves to use RPC, which likes to use random ports, so to make it work you either had to open TCP ports 49152 and 65535 (Yes I’m Serious). Or you had to registry hack all your domain controllers...

Read More
Cisco ASA – Remote VPN Client Internet Access
May02

Cisco ASA – Remote VPN Client Internet Access

Posted By on May 2, 2025

VPN Client Internet Access KB ID 0000977 Problem I have answered a lot of questions in forums, that are worded something like, “When I have a remote client connected to my firewall VPN they lose Internet access!” Traditionally that’s exactly what the ‘default’ remote VPN Internet  access (IPSEC or AnyConnect) gave you. To ensure your remote VPN clients can access the Internet you have two options. The...

Read More
Cisco ASA – VPN Reverse Route Injection With OSPF
Apr25

Cisco ASA – VPN Reverse Route Injection With OSPF

Posted By on Apr 25, 2025

Reverse Route Injection KB ID 0000982  Problem Reverse Route injection is the process that can be used on a Cisco ASA to take a route for an established VPN, and populate/inject that route into the routing table of other devices in it’s routing group. In the example below, on the main site, we have a Layer 3 switch that’s routing all the 192.168.x.x networks, and we have an established site to site VPN to a remote site. To...

Read More
Cisco ASA Remote Management via VPN
Apr21

Cisco ASA Remote Management via VPN

Posted By on Apr 21, 2025

ASA Remote Management KB ID 0000984 Problem It’s been ages since I has to do this, I usually just manage firewalls via SSH from outside. But I was out on a client site last week and needed to connect to to my ASA, so I simply connected in via AnyConnect; Note: The same procedure is applicable if you are an IPSEC VPN client, L2TP VPN client, or simply coming in over a site to site VPN link. And attempted to SSH, no joy, I tried...

Read More